The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...
InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
TheServerSide

Run Llama LLMs on your laptop with Hugging Face and Python

There are numerous ways to run large language models such as DeepSeek, Claude or Meta's Llama locally on your laptop, including Ollama and Modular's Max platform. But if you want to fully control the ...
MacRumors

Anthropic Rebuilds Claude Code Desktop App Around Parallel Sessions

Anthropic has released a redesigned Claude Code experience for its Claude desktop app, bringing in a new sidebar for managing multiple sessions, a drag-and-drop layout for arranging the workspace, and ...
CNBC

Anthropic leaks part of Claude Code's internal source code

Anthropic accidentally leaked part of the internal source code for its coding assistant Claude Code, according to a spokesperson. The leak could help give software developers, and Anthropic's ...
VentureBeat

Claude Code's source code appears to have leaked: here's what we know

VentureBeat made with Google Gemini 3.1 Pro Image Anthropic appears to have accidentally revealed the inner workings of one of its most popular and lucrative AI products, the agentic AI harness Claude ...
Geeky Gadgets

How Cloudflare’s Dynamic Workers Make Serverless Sandboxes 100X Faster

Cloudflare’s Dynamic Workers introduce a new approach to serverless computing by using V8 isolates, a technology originally developed for the Chrome browser. Unlike traditional container-based ...
TechCrunch

Claude Code rolls out a voice mode capability

Anthropic is bringing Voice Mode to Claude Code, the company’s AI coding assistant for developers. The launch of voice mode marks a significant step toward more hands-free, conversational coding ...
usa.inquirer

8 best online JavaScript compilers for practice (free and fast)

JavaScript is the foundation of the modern web. From simple button clicks to complex web applications, almost everything interactive you see online runs on JavaScript. Whether you are a beginner ...
Bleeping Computer

Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system. The open-source ...
SecurityWeek

North Korean Hackers Target macOS Developers via Malicious VS Code Projects

The hackers trick victims into accessing GitHub or GitLab repositories that are opened using Visual Studio Code. Once the repositories are opened in VS Code, the victim is prompted to trust the ...